Ext4

Ext4 is the evolution of the most used Linux filesystem, Ext3. In many ways, Ext4 is a deeper improvement over Ext3 than Ext3 was over Ext2. Ext3 was mostly about adding journaling to Ext2, but Ext4 modifies important data structures of the filesystem such as the ones destined to store the file data. The result is a filesystem with an improved design, better performance, reliability, and features.

Bytes-per-inode ratio

mke2fs creates an inode for every bytes-per-inode bytes of space on the disk. The larger the bytes-per-inode ratio, the fewer inodes will be created.

Creating a new file, directory, symlink etc. requires at least one free inode. If the inode count is too low, no file can be created on the filesystem even though there is still space left on it.

Because it is not possible to change either the bytes-per-inode ratio or the inode count after the filesystem is created, mkfs.ext4 uses by default a rather low ratio of one inode every 16384 bytes (16 KiB) to avoid this situation.

However, for partitions with size in the hundreds or thousands of GB and average file size in the megabyte range, this usually results in a much too large inode number because the number of files created never reaches the number of inodes.

This results in a waste of disk space, because all those unused inodes each take up 256 bytes on the filesystem (this is also set in /etc/mke2fs.conf but should not be changed). 256 * several millions = quite a few gigabytes wasted in unused inodes.

This situation can be evaluated by comparing the {I}Use% figures provided by df and df -i:

To specify a different bytes-per-inode ratio, you can use the -T usage-type option which hints at the expected usage of the filesystem using types defined in /etc/mke2fs.conf. Among those types are the bigger largefile and largefile4 which offer more relevant ratios of one inode every 1 MiB and 4 MiB respectively. It can be used as such:

# mkfs.ext4 -T largefile /dev/device

The bytes-per-inode ratio can also be set directly via the -i option: e.g. use -i 2097152 for a 2 MiB ratio and -i 6291456 for a 6 MiB ratio.

Tip: Conversely, if you are setting up a partition dedicated to host millions of small files like emails or newsgroup items, you can use smaller usage-type values such as news (one inode for every 4096 bytes) or small (same plus smaller inode and block sizes).

Warning: If you make a heavy use of symbolic links, make sure to keep the inode count high enough with a low bytes-per-inode ratio, because while not taking more space every new symbolic link consumes one new inode and therefore the filesystem may run out of them quickly.

Reserved blocks

By default, 5% of the filesystem blocks will be reserved for the super-user, to avoid fragmentation and "allow root-owned daemons to continue to function correctly after non-privileged processes are prevented from writing to the filesystem" (from mke2fs(8)).

For modern high-capacity disks, this is higher than necessary if the partition is used as a long-term archive or not crucial to system operations (like /home). See this email for the opinion of ext4 developer Ted Ts'o on reserved blocks.

It is generally safe to reduce the percentage of reserved blocks to free up disk space when the partition is either:

Very large (for example > 50G)

Used as long-term archive, i.e., where files will not be deleted and created very often

The -m option of ext4-related utilities allows to specify the percentage of reserved blocks.

Migrating from ext2/ext3 to ext4

Mounting ext2/ext3 partitions as ext4 without converting

Rationale

A compromise between fully converting to ext4 and simply remaining with ext2/ext3 is to mount the partitions as ext4.

Pros:

Compatibility (the filesystem can continue to be mounted as ext3) – This allows users to still read the filesystem from other operating systems without ext4 support (e.g. Windows with ext2/ext3 drivers)

Improved performance (though not as much as a fully-converted ext4 partition).[1][2]

Cons:

Fewer features of ext4 are used (only those that do not change the disk format such as multiblock allocation and delayed allocation)

Note: Except for the relative novelty of ext4 (which can be seen as a risk), there is no major drawback to this technique.

Procedure

Edit /etc/fstab and change the 'type' from ext2/ext3 to ext4 for any partitions you would like to mount as ext4.

Re-mount the affected partitions.

Converting ext2/ext3 partitions to ext4

Rationale

To experience the benefits of ext4, an irreversible conversion process must be completed.

Partitions that contain mostly static files, such as a /boot partition, may not benefit from the new features. Also, adding a journal (which is implied by moving a ext2 partition to ext3/4) always incurs performance overhead.

Irreversible (ext4 partitions cannot be 'downgraded' to ext2/ext3. It is, however, backwards compatible until extent and other unique options are enabled)

If you decide to convert a separate /boot partition, ensure the bootloader supports booting from ext4.

In the following steps /dev/sdxX denotes the path to the partition to be converted, such as /dev/sda1.

Back up all data on any ext3 partitions that are to be converted to ext4. A useful package, especially for root partitions, is clonezilla.

Edit /etc/fstab and change the 'type' from ext3 to ext4 for any partitions that are to be converted to ext4.

Boot the live medium (if necessary). The conversion process with e2fsprogs must be done when the drive is not mounted. If converting a root partition, the simplest way to achieve this is to boot from some other live medium.

Ensure the partition is not mounted

If you want to convert a ext2 partition, the first conversion step is to add a journal by running tune2fs -j /dev/sdxX as root; making it a ext3 partition.

Run tune2fs -O extent,uninit_bg,dir_index /dev/sdxX as root. This command converts the ext3 filesystem to ext4 (irreversibly).

Run fsck -f /dev/sdxX as root.

This step is necessary, otherwise the filesystem will be unreadable. This fsck run is needed to return the filesystem to a consistent state. It will find checksum errors in the group descriptors - this is expected. The -f option asks fsck to force checking even if the file system seems clean. The -p option may be used on top to "automatically repair" (otherwise, the user will be asked for input for each error).

Recommended: mount the partition and run e4defrag -c -v /dev/sdxX as root.

Even though the filesystem is now converted to ext4, all files that have been written before the conversion do not yet take advantage of the extent option of ext4, which will improve large file performance and reduce fragmentation and filesystem check time. In order to fully take advantage of ext4, all files would have to be rewritten on disk. Use e4defrag to take care of this problem.

Reboot

Improving performance

E4rat

E4rat is a preload application designed for the ext4 filesystem. It monitors files opened during boot, optimizes their placement on the partition to improve access time, and preloads them at the very beginning of the boot process. E4rat does not offer improvements with SSDs, whose access time is negligible compared to hard disks.

Disabling access time update

The ext4 file system records information about when a file was last accessed and there is a cost associated with recording it. With the noatime option, the access timestamps on the filesystem are not updated.

/etc/fstab

/dev/sda5 / ext4 defaults,noatime 0 1

Doing so breaks applications that rely on access time, see fstab#atime options for possible solutions.

Increasing commit interval

The sync interval for data and metadata can be increased by providing a higher time delay to the commit option.

The default 5 sec means that if the power is lost, one will lose as much as the latest 5 seconds of work.
It forces a full sync of all data/journal to physical media every 5 seconds. The filesystem will not be damaged though, thanks to the journaling.
The following fstab illustrates the use of commit:

/etc/fstab

/dev/sda5 / ext4 defaults,noatime,commit=60 0 1

Turning barriers off

Warning: Disabling barriers for disks without battery-backed cache is not recommended and can lead to severe file system corruption and data loss.

Ext4 enables write barriers by default. It ensures that file system metadata is correctly written and ordered on disk, even when write caches lose power. This goes with a performance cost especially for applications that use fsync heavily or create and delete many small files. For disks that have a write cache that is battery-backed in one way or another, disabling barriers may safely improve performance.

To turn barriers off, add the option barrier=0 to the desired filesystem. For example:

/etc/fstab

/dev/sda5 / ext4 noatime,barrier=0 0 1

Disabling journaling

Warning: Using a filesystem without journaling can result in data loss in case of sudden dismount like power failure or kernel lockup.

Disabling the journal with ext4 can be done with the following command on an unmounted disk:

# tune2fs -O "^has_journal" /dev/sdXN

Use external journal to optimize performance

This article or section needs language, wiki syntax or style improvements. See Help:Style for reference.

For those with concerns about both data integrity and performance, the journaling can be significantly sped up with the journal_async_commit mount option. Note that it does not work with the balanced default of data=ordered, so this is only recommended when the filesystem is already cautiously using data=journal.

You can then format a dedicated device to journal to with mke2fs -O journal_dev /dev/journal_device. Use tune2fs -J device=/dev/journal_device /dev/ext4_fs to assign the journal to an existing device, or replace tune2fs with mkfs.ext4 if you are making a new filesystem.

Tips and tricks

Using file-based encryption

Note: Ext4 forbids encrypting the root (/) directory and will produce an error on kernel 4.13 and later [5][6].

ext4 supports file-based encryption. In a directory tree marked for encryption, file contents, filenames, and symbolic link targets are all encrypted. Encryption keys are stored in the kernel keyring. See also Quarkslab's blog entry with a write-up of the feature, an overview of the implementation state, and practical test results with kernel 4.1.

The encryption relies on the kernel option CONFIG_EXT4_ENCRYPTION, which is enabled by default, as well as the e4crypt command from the e2fsprogs package.

A precondition is that the filesystem is using a supported block size for encryption:

# tune2fs -l /dev/device | grep 'Block size'

Block size: 4096

# getconf PAGE_SIZE

4096

If these values are not the same, then your filesystem will not support encryption, so do not proceed further.

Warning: Once the encryption feature flag is enabled, kernels older than 4.1 will be unable to mount the filesystem.

Enable on existing filesystem

To enable the encryption feature flag on the filesystem:

# tune2fs -O encrypt /dev/device

Tip: The operation can be reverted with debugfs -w -R "feature -encrypt" /dev/device. Run fsck before and after to ensure the integrity of the file system.

Usage

First make a directory to encrypt:

$ mkdir vault

Note:

Encryption can only be applied to an empty directory. New files and subdirectories within an encrypted directory inherit its encryption policy. Encrypting already existing files is not yet supported.

Applications may fail that need access to an encrypted directory (i.e. on boot) if locked.

Generate and add a new key to the user's keyring. This step must be repeated every time you flush the user's keyring (i.e. logout or reboot):

Warning: If you forget your passphrase, there will be no way to decrypt your files. It also is not yet possible to change a passphrase after it has been set.

Note: To help prevent dictionary attacks on your passphrase, a random salt is automatically generated and stored in the ext4 filesystem superblock. Both the passphrase and the salt are used to derive the actual encryption key. As a consequence of this, if you have multiple ext4 filesystems with encryption enabled mounted, then e4crypt add_key will actually add multiple keys, one per filesystem. Although any key can be used on any filesystem, it would be wise to only use, on a given filesystem, keys using that filesystem's salt. Otherwise, you risk being unable to decrypt files on filesystem A if filesystem B is unmounted. Alternatively, you can use the -S option to e4crypt add_key to specify a salt yourself.

Reason: How does automatically unlocking work? Is it by a PAM module? And should this even be a warning? (Discuss in Talk:Ext4#)

Logging in does automatically unlock home directories encrypted by this method when using GDM or console login.

Note: For security reasons, unencrypted files are not allowed to exist in an encrypted directory. As such, attempting to move (mv) unencrypted files into an encrypted directory will

fail, if both directories are on the same filesystem mount point. This happens because mv will only update the directory index to point to the new directory, but not the file's data inodes (which contain the crypto reference).

succeed, if both directories are on different filesystem mount points (new data inodes are created).

In both cases it is better to copy (cp) files instead, because that leaves the option to securely delete the unencrypted original with shred or a similar tool.

Enabling metadata checksums

When a filesystem has been created with e2fsprogs 1.44 or later, metadata checksums should already be enabled by default. Existing filesystems may be converted to enable metadata checksum support.

If the CPU supports SSE 4.2, make sure the crc32c_intelkernel module is loaded in order to enable the hardware accelerated CRC32C algorithm [7]. If not, load the crc32c_generic module instead.